On Nov 22, 2006, at 9:30 AM, Luigi De DonĂ wrote:
Could a SSL hop-to-hop communication really improve the general
security of a P2P systems ?
The term "hop-to-hop" implies routing, which is a bad idea IMO. If
two peers want to communicate, have them open a direct connection.
Then run SSL over that connection.
If you are intent on routing, then using SSL on each connection
obviously does not provide end-to-end privacy. You have to decide
whether end-to-end privacy matters in your app. I should note that it
is much easier to modify a P2P app to sniff traffic than to sniff the
Internet (except wi-fi). If you want routing and end-to-end privacy,
I would suggest DTLS over your existing messaging protocol.
Wes Felter - [EMAIL PROTECTED] - http://felter.org/wesley/
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
